AlmaLinux update 9.4 to 9.5

Hi!

Currently running AlmaLinux 9.4 on production servers, I’m preparing to update to the latest 9.5 release.

As noted in the release notes:

To update your AlmaLinux OS 9 to 9.5, run:

dnf upgrade -y

This works fine on a new server. However, on a production server where we don’t want to update the entire system (e.g., PHP, MySQL), what is the proper procedure to update to 9.5 while keeping other packages untouched?

I was considering the following approaches:

dnf group update Core
# or
dnf upgrade --repo baseos --repo appstream # but this doesn’t seem ideal

I believe the first option is the correct one. Can you confirm or suggest the correct commands?

Thanks !

After some test, i think in found the best way ;

uname -a 
# Linux XXXXXXXXX 5.14.0-427.26.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jul 17 15:51:13 EDT 2024 x86_64 x86_64 x86_64 GNU/Linux
dnf makecache -y
dnf upgrade -y almalinux*
dnf group upgrade -y 'Core'
dnf upgrade -y --security 
dnf upgrade -y kernel* 
# shutdown services and reboot
uname -a 
# Linux XXXXXXX 5.14.0-503.14.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 19 21:25:22 EST 2024 x86_64 x86_64 x86_64 GNU/Linux

What do you think about that ? :slight_smile:

The -y flag says “yes” to all questions. The dnf does not ask: “Do you want to shoot your leg?”, but automatic yes still feels bold. (Then again, my Ansible playbooks do say yes …).


How do you expect “unrestricted” dnf up to affect PHP, MySQL, etc? (A design goal of Enterprise Linux is to not break installed systems with update.)

This can work well in a standard environment without any other dependencies.
We have already encountered a problem due to a security update of openjdk for example … one can never be too careful I think …

Don’t cherry pick packages, it is risky. If you need a specific version of PHP, use another repo such as Remi for PHP. Not sure about MySQL though.

yep ! think we’re going for upgrading Core group, all security and kernel, everything works after.